ClawHub

Three-Dimensional Memory

Security checks across malware telemetry and agentic risk

Overview

This is a coherent local memory organizer, but it encourages saving complete chats and preferences without enough privacy controls.

Install only if you intentionally want persistent local assistant memory. Prefer summaries over full transcripts, keep memory files out of shared or synced locations unless appropriate, redact secrets and personal data, and periodically review or delete old memory files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (12)

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The README explicitly promotes storing complete conversation transcripts and preserving every word exchanged, but it provides no warning about sensitive data, consent, retention limits, or access controls. In a memory/agent skill, this creates a realistic privacy and security risk because users may unknowingly persist credentials, personal data, confidential business discussions, or regulated information in searchable backups.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill explicitly directs storage of complete conversation transcripts and learned user preferences without any consent mechanism, minimization policy, retention limit, or warning about sensitive data handling. This creates a realistic privacy and data exposure risk because transcripts commonly contain credentials, personal data, business secrets, and other sensitive context that may later be retrieved, leaked, or mishandled.

Missing User Warnings

Low
Confidence
87% confidence
Finding
The workflow instructs routine persistent writes across multiple memory stores every day, but does not warn that this creates durable records or that storage may accumulate sensitive information over time. While file creation itself is not dangerous, doing it automatically and continuously increases the chance of unintended retention, overcollection, and later disclosure.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The script explicitly instructs users to back up the entire chat transcript, including user messages and AI responses, without any minimization, consent, or privacy guidance. That creates a real data-retention risk because transcripts can contain secrets, personal data, or sensitive business information that may later be exposed from local files or backups.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The workflow guidance tells users to save full transcripts, important context, and user preferences, which encourages long-term storage of potentially sensitive personal and operational information in plain files. User preferences can themselves be sensitive profile data, and the script provides no warning, consent check, access control, or retention limit.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The example explicitly promotes storing full AI conversation transcripts in `AI-memory-backup/` and demonstrates preserving user utterances verbatim, but it provides no warning about sensitive, personal, financial, or confidential data that may be captured in those transcripts. In a memory or agent skill, this can normalize unsafe retention of chat history, increasing the risk of privacy leakage, over-collection, and unauthorized disclosure if backups are accessed or reused without filtering.

Ssd 3

Medium
Confidence
92% confidence
Finding
The documentation encourages retaining complete, searchable conversation transcripts, which materially increases exposure of sensitive historical inputs. In this skill's context, the feature is central to the product and therefore more dangerous: it normalizes broad retention of user/agent exchanges that may contain secrets, personal data, legal discussions, or proprietary information, making later disclosure or misuse more likely.

Ssd 3

Medium
Confidence
90% confidence
Finding
The examples normalize quoting back exact prior user statements from memory, which can surface sensitive historical content to the wrong user, in the wrong context, or long after it should have been forgotten. Because the skill is specifically about persistent memory and retrieval, this increases the chance of over-retention and accidental disclosure of confidential prompts, business decisions, or personal data.

Ssd 3

Medium
Confidence
97% confidence
Finding
Preserving full natural-language transcripts and learned preferences creates a broad semantic data-retention surface, because users may disclose secrets, regulated data, internal strategy, or personal information during normal conversation. The skill context makes this more dangerous, not less, because its core design is to systematically retain and organize exactly that sensitive context for later retrieval.

Ssd 3

Medium
Confidence
96% confidence
Finding
The daily workflow operationalizes continuous collection of full transcripts and learned preferences, turning occasional retention into a standing accumulation process. That increases the chance of storing sensitive data at scale and makes downstream leakage, unauthorized access, or inappropriate reuse more likely.

Ssd 3

Medium
Confidence
94% confidence
Finding
Backing up the full conversation in natural language materially increases the chance that sensitive data is retained and later leaked through filesystem access, sync tools, source control, or accidental sharing. In this skill's context, the backup instructions are operational guidance rather than incidental text, so they directly normalize unsafe handling of conversational data.

Ssd 3

Medium
Confidence
97% confidence
Finding
The example explicitly recommends retaining full transcripts, important context, and user preferences, which is a concrete sensitive-data storage pattern rather than a hypothetical risk. Because this is presented as a daily workflow, it can lead to systematic accumulation of sensitive records over time, increasing breach impact and privacy exposure.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal